Outlook can be configured with a user/mail certificate allowing end users to send “signed” messages. It’s a seal of authenticity that the sender is the “person” that they say they are. Quite a few people use these, and you don’t need anything special infrastructure-wise in order to get this going.

You can use Microsoft Certificate Services, to issue certificates, or you as an end-user can use a certificate from a third party – the choice is up to you; and your IT policy.

Once you have a certificate you can send mail and use that certificate. You can even set it so that Outlook will sign all mail as you send it.

When you send a signed message, this is what you see in Outlook :

Notice the red padlock, and the “Signed By” entry in the reading pane.

Archiving these type of messages with Enterprise Vault is no problem with (for example) EV 9.0.2. There have been one or two problems in the past where signed/encrypted message archiving was broken, but they have been fixed.

If you archive an item, this is what you will see in Outlook :

Notice the red padlock icon has gone, so too has the “Signed By” label in the reading pane. What you will also notice is that the item is fully indexed, and the shortcut will adhere to your shortcut policy in terms of banner, content and so on.

When you double click on archived mail it will be retrieved either from your Vault Cache or from the Enterprise Vault server, and displayed as the regular item would be. That too will have the red padlock icon back, and “Signed By” will be present.